/*
 * Tencent is pleased to support the open source community by making BK-CI 蓝鲸持续集成平台 available.
 *
 * Copyright (C) 2019 THL A29 Limited, a Tencent company.  All rights reserved.
 *
 * BK-CI 蓝鲸持续集成平台 is licensed under the MIT license.
 *
 * A copy of the MIT License is included in this file.
 *
 *
 * Terms of the MIT License:
 * ---------------------------------------------------
 * Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation
 * files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy,
 * modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the
 * Software is furnished to do so, subject to the following conditions:
 *
 * The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.
 *
 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT
 * LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN
 * NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY,
 * WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE
 * SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
 */

package com.tencent.devops.common.auth.util;

import com.tencent.devops.common.auth.api.external.BkAuthExPermissionApi;
import com.tencent.devops.common.auth.api.pojo.external.BkAuthExAction;
import com.tencent.devops.common.auth.api.pojo.external.model.BkAuthExResourceActionModel;
import org.apache.commons.collections.CollectionUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.web.context.request.RequestContextHolder;
import org.springframework.web.context.request.ServletRequestAttributes;

import javax.servlet.http.HttpServletRequest;
import java.util.ArrayList;
import java.util.List;

import static com.tencent.devops.common.api.auth.CodeCCHeaderKt.AUTH_HEADER_DEVOPS_PROJECT_ID;
import static com.tencent.devops.common.api.auth.CodeCCHeaderKt.AUTH_HEADER_DEVOPS_USER_ID;

/**
 * 管理员工具类
 *
 * @version V1.0
 * @date 2019/4/25
 */
public class AdminMemberUtils
{
    private static Logger logger = LoggerFactory.getLogger(AdminMemberUtils.class);

    public static boolean isAdminMember(BkAuthExPermissionApi bkAuthExPermissionApi)
    {
        HttpServletRequest request = ((ServletRequestAttributes) RequestContextHolder.currentRequestAttributes()).getRequest();
        String userId = request.getHeader(AUTH_HEADER_DEVOPS_USER_ID);
        String projectId = request.getHeader(AUTH_HEADER_DEVOPS_PROJECT_ID);

        logger.debug("judge user is admin member: {}, {}", userId, projectId);
        List<BkAuthExResourceActionModel> validateResultList = bkAuthExPermissionApi.validateBatchPermission(userId, null, projectId, new ArrayList<BkAuthExAction>()
        {{
            add(BkAuthExAction.ADMIN_MEMBER);
        }});
        if (CollectionUtils.isNotEmpty(validateResultList))
        {
            BkAuthExResourceActionModel validateResult = validateResultList.get(0);
            if (validateResult.isPass())
            {
                logger.debug("Is admin member: {}, {}", userId, projectId);
                return true;
            }
        }
        logger.debug("Not admin member: {}, {}", userId, projectId);
        return false;
    }
}
